isafe_setup_t.exe

The application isafe_setup_t.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from dl2.yac.mx.
MD5:
f8c7e563fcf176620c1fd63cda1a1cbe

SHA-1:
c88ac52679cc4c24b20dc2e12012e37d41656e33

SHA-256:
4b81fe4720be4cbdc39e2524c1b53b803bd45a19e042bb8a0d10dcdc6d9239fb

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 5:14:25 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Elex.iSafe (M)
16.7.8.9

File size:
11.5 MB (12,078,688 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\isafe_setup_t.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
196608:4PmXVrkW/otudJ8Y8lxybA2QZybKpXqQVJld1/uSynGzt9Nve7It:4oNloyJ8XlxP9ZkKVvld1/uSynGztnW8

Entry point:
93, 36, 87, A8, DC, FB, 91, 52, DC, C5, 29, 27, BF, 28, B2, A9, 3C, 69, 72, BE, 0A, AC, D3, 4E, 52, 9B, A7, 93, F9, 85, 06, CF, 43, 1A, E0, A3, D3, 97, 84, E3, E2, 50, DC, B6, BA, E3, F8, 3E, 28, 14, 64, 6E, 9F, A7, 4E, 2F, 2B, 69, 7A, 8A, DB, 1B, 8B, 25, 61, 42, 35, DF, 3B, 68, EB, D9, B2, BA, 1A, EA, 17, CC, 6D, 2D, 42, 61, 10, A5, BC, 89, B1, 5F, FB, 57, C7, A5, D0, 7A, C8, F4, 83, 53, B2, 2C, 02, D0, D1, A0, 6A, E7, F7, 55, 69, 7B, 67, A9, 89, 1B, D1, 1A, 78, 40, 00, 54, 5A, A8, 15, A7, 65, 04, B8, F9...
 
[+]

The file isafe_setup_t.exe has been seen being distributed by the following URL.

Remove isafe_setup_t.exe - Powered by Reason Core Security